- Hands-On Web Penetration Testing with Metasploit
- Harpreet Singh Himanshu Sharma
- 207字
- 2021-06-24 16:19:10
Finding hidden Git repos
Sometimes, while deploying code from Git on a production server, developers leave the git folder in a public directory. This is dangerous as it may allow an attacker to download the entire source code of the application.
Let's look at the git_scanner module, which helps us to discover misconfigured repos on a website:
- Start by searching for the git_scanner keyword:
- Clicking on the module will redirect us to the module options page where we specify the target address and port, and then click Run module:
- A new task is created, as shown in the following screenshot:
- Once the task is complete, we can go to the Analysis tab and click on our host. In the Notes section, we see that the auxiliary has found the config and index files of the repository:
- Next, we can go to the Captured Data tab to view the contents of the files found by the auxiliary:
- Clicking on View shows the contents of the config file, which contains the git URL, the version, and some branch information. This information can also be used to download the entire source code of the application:
Next, we will check for open proxy services.